On Sun, Apr 29, 2001 at 12:21:33AM +0200, Robin Berjon wrote:
> At 17:17 28/04/2001 -0500, will trillich wrote:
> >so i guess what you're saying is, some browsers look for
> >a "redirect:" header and then charge off to the new location
> >without handling any "set-cookie:" headers in the meantime?
>
> Precisely. And some also don't report the cookie before the second page
> after the redirect (presumably because they consider it to be the same
> request). I think that behaviour only happens with permanent redirects though.
>
> One thing that helps (often, not always) is to make sure that your
> Set-Cookie header is sent before the Location header of the redirect.
here's the code, direct from the modperl book, and downloaded in
person from modperl.com:
package Apache::TicketAccess;
use strict;
use Apache::Constants qw(:common);
use Apache::TicketTool ();
sub handler {
my $r = shift;
my $ticketTool = Apache::TicketTool->new($r);
my($result, $msg) = $ticketTool->verify_ticket($r);
unless ($result) {
$r->log_reason($msg, $r->filename);
my $cookie = $ticketTool->make_return_address($r);
$r->err_headers_out->add('Set-Cookie' => $cookie);
return FORBIDDEN;
}
return OK;
}
1;
__END__
i suppose i'd need to change
return FORBIDDEN;
to
print htmlheaders-including-meta-refresh, brief-html-stuff;
return OK;
right?
--
don't visit this page. it's bad for you. take my expert word for it.
http://www.salon.com/people/col/pagl/2001/03/21/spring/index1.html
[EMAIL PROTECTED]
http://sourceforge.net/projects/newbiedoc -- we need your brain!
http://www.dontUthink.com/ -- your brain needs us!